Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/qvffYid_9gggd1SbtwAyEvOhCx0.roa
File: qvffYid_9gggd1SbtwAyEvOhCx0.roa (raw, json)
Hash identifier: kXrncRwJAoSFnxCYuyzFlPX3YuwV3UZnwIb/wSr+xPc=
Subject key identifier: AA:F7:DF:62:27:7F:F6:08:20:77:54:9B:B7:00:32:12:F3:A1:0B:1D
Certificate issuer: /CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Certificate serial: 018CC26D5ACBD1174B6D98838337E540AB6A
Authority key identifier: FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/qvffYid_9gggd1SbtwAyEvOhCx0.roa
Signing time: Mon 01 Jan 2024 00:29:55 +0000
ROA not before: Mon 01 Jan 2024 00:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202391
IP address blocks: 31.25.95.0/24 maxlen: 24
31.25.92.0/22 maxlen: 22
31.25.92.0/24 maxlen: 24
31.25.94.0/24 maxlen: 24
31.25.93.0/24 maxlen: 24
185.49.104.0/22 maxlen: 22
185.118.12.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 10 Mar 2024 08:21:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:5a:cb:d1:17:4b:6d:98:83:83:37:e5:40:ab:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Validity
Not Before: Jan 1 00:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aaf7df62277ff6082077549bb7003212f3a10b1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:7f:a7:9e:d0:28:37:f4:d0:2c:8c:14:a9:dd:
6b:27:b8:30:b7:a3:ce:15:a5:5b:d9:ef:10:62:74:
7a:d3:a6:2d:4f:6c:ef:38:51:03:8e:cf:e5:b2:ad:
b4:66:59:2c:e9:f1:ec:47:38:19:f7:c8:a6:16:5c:
be:7f:bd:b0:0a:68:80:f6:e6:c7:51:be:62:f3:03:
31:99:fc:52:62:d7:6d:05:72:55:46:92:00:a2:50:
5a:14:c2:a1:de:75:39:32:c6:4b:37:b7:20:af:af:
ff:13:d6:eb:0a:70:62:be:46:cf:26:eb:60:71:86:
6a:e9:9c:ed:f3:76:fb:7b:45:d4:9d:24:b4:54:68:
2c:21:1c:45:7d:35:7f:79:61:a8:54:53:f9:2b:ca:
d6:58:d1:b4:c6:a9:a0:21:51:8d:24:32:59:8f:25:
3c:e7:ff:7f:c1:7c:42:a8:76:c1:94:a7:2f:74:82:
a3:67:18:94:9f:cd:4d:87:33:be:d0:41:0c:bf:b9:
71:45:c4:b0:ec:7c:ce:a0:a2:1a:c3:6f:da:74:43:
32:c6:fe:c5:ad:eb:74:62:07:79:15:4b:ca:23:c2:
98:07:4e:2c:20:46:f8:ec:d9:10:11:81:a7:95:83:
de:c6:fa:69:50:94:f9:9e:58:46:36:e7:c5:73:a8:
de:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:F7:DF:62:27:7F:F6:08:20:77:54:9B:B7:00:32:12:F3:A1:0B:1D
X509v3 Authority Key Identifier:
keyid:FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/qvffYid_9gggd1SbtwAyEvOhCx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1-j0LwRsp2kStVzBMP4VohwoBnCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.92.0/22
185.49.104.0/22
185.118.12.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:1d:d2:22:f9:6f:52:1c:85:94:18:dd:1e:af:e8:46:05:71:
25:b9:bd:ba:fd:39:dd:ec:e1:a5:ae:18:71:00:f0:b0:0e:1e:
0b:87:e4:30:00:51:4c:b8:28:c5:bd:31:9c:ea:75:4d:e1:a2:
a9:d0:d7:aa:55:3d:bb:5a:43:c4:a3:89:18:cd:5d:64:56:8f:
00:f7:f0:12:c3:a9:fb:74:13:33:db:30:f8:4c:0b:5d:26:cd:
72:2c:00:2f:20:4f:a3:be:b0:63:15:03:78:5f:09:67:78:66:
79:f1:26:8e:de:a0:a0:88:9b:d5:a7:df:3b:73:5a:43:e1:e7:
fb:0f:19:53:60:ae:57:dc:c1:90:82:81:af:a6:42:c1:6d:28:
06:29:97:ae:cf:4f:2a:53:2d:af:dc:f7:22:1a:59:d5:aa:e7:
24:06:18:1d:cf:e8:e2:fc:07:54:ff:af:d2:d1:81:09:52:ed:
55:b5:0f:b1:d4:86:62:a8:9c:e6:5a:45:1a:dd:fe:67:b7:84:
af:5a:51:9e:12:ed:48:f5:7d:81:5b:7f:ad:d5:3a:1d:7b:39:
c5:46:12:db:22:9c:6c:ef:c7:89:b2:27:5b:9c:43:82:5e:a3:
65:93:c0:9d:1e:fe:9c:b5:1d:ee:f9:ca:93:90:21:49:6b:33:
7f:f6:df:ec
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzCbVrL0RdLbZiDgzflQKtqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhM2QwYmMxMWIyOWRhNDRhZDU3MzA0YzNmODU2ODg3MGEw
MTljMjQwHhcNMjQwMTAxMDAyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWY3ZGY2MjI3N2ZmNjA4MjA3NzU0OWJiNzAwMzIxMmYzYTEwYjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3+nntAoN/TQLIwUqd1rJ7gwt6PO
FaVb2e8QYnR606YtT2zvOFEDjs/lsq20Zlks6fHsRzgZ98imFly+f72wCmiA9ubH
Ub5i8wMxmfxSYtdtBXJVRpIAolBaFMKh3nU5MsZLN7cgr6//E9brCnBivkbPJutg
cYZq6Zzt83b7e0XUnSS0VGgsIRxFfTV/eWGoVFP5K8rWWNG0xqmgIVGNJDJZjyU8
5/9/wXxCqHbBlKcvdIKjZxiUn81NhzO+0EEMv7lxRcSw7HzOoKIaw2/adEMyxv7F
ret0Ygd5FUvKI8KYB04sIEb47NkQEYGnlYPexvppUJT5nlhGNufFc6jeIwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKr332Inf/YIIHdUm7cAMhLzoQsdMB8GA1UdIwQY
MBaAFPo9C8EbKdpErVcwTD+FaIcKAZwkMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1qMEx3UnNwMmtTdFZ6Qk1QNFZvaHdvQm5DUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMvYWE2NjI5LWQxNDktNDE5Ny1hMzE1
LWQyMTA3MWVmNzM1Yi8xL3F2ZmZZaWRfOWdnZ2QxU2J0d0F5RXZPaEN4MC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzMvYWE2NjI5LWQxNDktNDE5Ny1hMzE1LWQyMTA3MWVmNzM1
Yi8xLzEtajBMd1JzcDJrU3RWekJNUDRWb2h3b0JuQ1EuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAIfGVwD
BAK5MWgDBAK5dgwwDQYJKoZIhvcNAQELBQADggEBAAwd0iL5b1IchZQY3R6v6EYF
cSW5vbr9Od3s4aWuGHEA8LAOHguH5DAAUUy4KMW9MZzqdU3hoqnQ16pVPbtaQ8Sj
iRjNXWRWjwD38BLDqft0EzPbMPhMC10mzXIsAC8gT6O+sGMVA3hfCWd4ZnnxJo7e
oKCIm9Wn3ztzWkPh5/sPGVNgrlfcwZCCga+mQsFtKAYpl67PTypTLa/c9yIaWdWq
5yQGGB3P6OL8B1T/r9LRgQlS7VW1D7HUhmKonOZaRRrd/me3hK9aUZ4S7Uj1fYFb
f63VOh17OcVGEtsinGzvx4myJ1ucQ4Jeo2WTwJ0e/py1He75ypOQIUlrM3/23+w=
Generated at Sun Mar 10 09:21:47 2024 by rpki-client on console-ams.rpki-client.org